Upgrade Node.js version to 24.

This requires creating a new major-version (v4) of codeql-action.
Mario Campos
2025-09-26 19:36:42 +00:00
parent 80cb6b56b9
commit 7434149006
16 changed files with 69 additions and 70 deletions


@@ -16,5 +16,5 @@ inputs:
Comma separated list of query ids that should NOT be included in this SARIF file. Comma separated list of query ids that should NOT be included in this SARIF file.
runs: runs:
using: node20 using: node24
main: index.js main: index.js


@@ -72,7 +72,7 @@ jobs:
run: npm run lint-ci run: npm run lint-ci
- name: Upload sarif - name: Upload sarif
uses: github/codeql-action/upload-sarif@v3 uses: github/codeql-action/upload-sarif@v4
if: matrix.os == 'ubuntu-latest' if: matrix.os == 'ubuntu-latest'
with: with:
sarif_file: eslint.sarif sarif_file: eslint.sarif
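Review bot: The `uses: github/codeql-action/upload-sarif@v4` step only resolves once a `v4` tag or branch is published in github/codeql-action, and the commit message says this change is what creates v4. Until that ref exists the job would fail while downloading actions, before any step runs, so the `if: matrix.os == 'ubuntu-latest'` guard does not help. Either keep `upload-sarif@v3` here until v4 is released, or reference the action from the checked-out tree by local path so CI tests the code under review. The rest of the job is outside this hunk.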


@@ -13,7 +13,7 @@ Please note that this project is released with a [Contributor Code of Conduct][c
## Development and Testing ## Development and Testing
Before you start, ensure that you have a recent version of node (16 or higher) installed, along with a recent version of npm (9.2 or higher). You can see which version of node is used by the action in `init/action.yml`. Before you start, ensure that you have a recent version of node (24 or higher) installed, along with a recent version of npm (9.2 or higher). You can see which version of node is used by the action in `init/action.yml`.
### Common tasks ### Common tasks


@@ -62,7 +62,8 @@ For compiled languages:
The following versions of the CodeQL Action are currently supported: The following versions of the CodeQL Action are currently supported:
- v3 (latest) - v3
- v4 (latest)
## Supported versions of the CodeQL Bundle on GitHub Enterprise Server ## Supported versions of the CodeQL Bundle on GitHub Enterprise Server


@@ -92,6 +92,6 @@ outputs:
sarif-id: sarif-id:
description: The ID of the uploaded SARIF file. description: The ID of the uploaded SARIF file.
runs: runs:
using: node20 using: node24
main: "../lib/analyze-action.js" main: "../lib/analyze-action.js"
post: "../lib/analyze-action-post.js" post: "../lib/analyze-action-post.js"


@@ -15,5 +15,5 @@ inputs:
$GITHUB_WORKSPACE as its working directory. $GITHUB_WORKSPACE as its working directory.
required: false required: false
runs: runs:
using: node20 using: node24
main: '../lib/autobuild-action.js' main: '../lib/autobuild-action.js'


@@ -68,7 +68,7 @@ const context = await esbuild.context({
outdir: OUT_DIR, outdir: OUT_DIR,
platform: "node", platform: "node",
plugins: [cleanPlugin, copyDefaultsPlugin, onEndPlugin], plugins: [cleanPlugin, copyDefaultsPlugin, onEndPlugin],
target: ["node20"], target: ["node24"],
}); });
await context.rebuild(); await context.rebuild();


@@ -165,6 +165,6 @@ outputs:
codeql-version: codeql-version:
description: The version of the CodeQL binary used for analysis description: The version of the CodeQL binary used for analysis
runs: runs:
using: node20 using: node24
main: '../lib/init-action.js' main: '../lib/init-action.js'
post: '../lib/init-action-post.js' post: '../lib/init-action-post.js'

24
package-lock.json generated

@@ -1,12 +1,12 @@
{ {
"name": "codeql", "name": "codeql",
"version": "3.30.6", "version": "4.30.6",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "codeql", "name": "codeql",
"version": "3.30.6", "version": "4.30.6",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/artifact": "^2.3.1", "@actions/artifact": "^2.3.1",
@@ -47,7 +47,7 @@
"@types/console-log-level": "^1.4.5", "@types/console-log-level": "^1.4.5",
"@types/follow-redirects": "^1.14.4", "@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9", "@types/js-yaml": "^4.0.9",
"@types/node": "20.19.9", "@types/node": "^24.5.2",
"@types/node-forge": "^1.3.14", "@types/node-forge": "^1.3.14",
"@types/semver": "^7.7.1", "@types/semver": "^7.7.1",
"@types/sinon": "^17.0.4", "@types/sinon": "^17.0.4",
@@ -2660,13 +2660,13 @@
"license": "MIT" "license": "MIT"
}, },
"node_modules/@types/node": { "node_modules/@types/node": {
"version": "20.19.9", "version": "24.6.0",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.19.9.tgz", "resolved": "https://registry.npmjs.org/@types/node/-/node-24.6.0.tgz",
"integrity": "sha512-cuVNgarYWZqxRJDQHEB58GEONhOK79QVR/qYx4S7kcUObQvUwvFnYxJuuHUKm2aieN9X3yZB4LZsuYNU1Qphsw==", "integrity": "sha512-F1CBxgqwOMc4GKJ7eY22hWhBVQuMYTtqI8L0FcszYcpYX0fzfDGpez22Xau8Mgm7O9fI+zA/TYIdq3tGWfweBA==",
"dev": true, "dev": true,
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"undici-types": "~6.21.0" "undici-types": "~7.13.0"
} }
}, },
"node_modules/@types/node-forge": { "node_modules/@types/node-forge": {
@@ -4200,9 +4200,7 @@
"license": "MIT" "license": "MIT"
}, },
"node_modules/brace-expansion": { "node_modules/brace-expansion": {
"version": "1.1.12", "version": "1.1.11",
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
"integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"balanced-match": "^1.0.0", "balanced-match": "^1.0.0",
@@ -9197,9 +9195,9 @@
} }
}, },
"node_modules/undici-types": { "node_modules/undici-types": {
"version": "6.21.0", "version": "7.13.0",
"resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.13.0.tgz",
"integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==", "integrity": "sha512-Ov2Rr9Sx+fRgagJ5AX0qvItZG/JKKoBRAVITs1zk7IqZGTJUwgUr7qoYBpWwakpWilTZFM98rG/AFRocu10iIQ==",
"dev": true, "dev": true,
"license": "MIT" "license": "MIT"
}, },
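Review bot: The `node_modules/brace-expansion` entry in the `@@ -4200,9 +4200,7 @@` hunk moves backwards from `1.1.12` to `1.1.11` and loses its `resolved` and `integrity` fields, which has nothing to do with the Node 24 upgrade. Without `integrity`, the lockfile no longer records a hash for npm to verify that package against on install, and the downgrade drops whatever fixes 1.1.12 carried. This looks like a side effect of regenerating the lock from a tree that was not clean (inferred). Regenerate `package-lock.json` from a fresh checkout, or restore the `1.1.12` version line together with its `resolved` and `integrity` lines.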


@@ -1,6 +1,6 @@
{ {
"name": "codeql", "name": "codeql",
"version": "3.30.6", "version": "4.30.6",
"private": true, "private": true,
"description": "CodeQL action", "description": "CodeQL action",
"scripts": { "scripts": {
@@ -62,7 +62,7 @@
"@types/console-log-level": "^1.4.5", "@types/console-log-level": "^1.4.5",
"@types/follow-redirects": "^1.14.4", "@types/follow-redirects": "^1.14.4",
"@types/js-yaml": "^4.0.9", "@types/js-yaml": "^4.0.9",
"@types/node": "20.19.9", "@types/node": "^24.5.2",
"@types/node-forge": "^1.3.14", "@types/node-forge": "^1.3.14",
"@types/semver": "^7.7.1", "@types/semver": "^7.7.1",
"@types/sinon": "^17.0.4", "@types/sinon": "^17.0.4",


@@ -21,5 +21,5 @@ outputs:
environment: environment:
description: The inferred build environment configuration. description: The inferred build environment configuration.
runs: runs:
using: node20 using: node24
main: '../lib/resolve-environment-action.js' main: '../lib/resolve-environment-action.js'


@@ -52,11 +52,11 @@ export async function determineAutobuildLanguages(
* For example, consider a user with the following workflow file: * For example, consider a user with the following workflow file:
* *
* ```yml * ```yml
* - uses: github/codeql-action/init@v3 * - uses: github/codeql-action/init@v4
* with: * with:
* languages: go, java * languages: go, java
* - uses: github/codeql-action/autobuild@v3 * - uses: github/codeql-action/autobuild@v4
* - uses: github/codeql-action/analyze@v3 * - uses: github/codeql-action/analyze@v4
* ``` * ```
* *
* - With Go extraction disabled, we will run the Java autobuilder in the * - With Go extraction disabled, we will run the Java autobuilder in the


@@ -84,14 +84,14 @@ test("uploads failed SARIF run with `diagnostics export` if feature flag is off"
}, },
{ {
name: "Initialize CodeQL", name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3", uses: "github/codeql-action/init@v4",
with: { with: {
languages: "javascript", languages: "javascript",
}, },
}, },
{ {
name: "Perform CodeQL Analysis", name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3", uses: "github/codeql-action/analyze@v4",
with: { with: {
category: "my-category", category: "my-category",
}, },
@@ -108,14 +108,14 @@ test("uploads failed SARIF run with `diagnostics export` if the database doesn't
}, },
{ {
name: "Initialize CodeQL", name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3", uses: "github/codeql-action/init@v4",
with: { with: {
languages: "javascript", languages: "javascript",
}, },
}, },
{ {
name: "Perform CodeQL Analysis", name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3", uses: "github/codeql-action/analyze@v4",
with: { with: {
category: "my-category", category: "my-category",
}, },
@@ -135,14 +135,14 @@ test("uploads failed SARIF run with database export-diagnostics if the database
}, },
{ {
name: "Initialize CodeQL", name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3", uses: "github/codeql-action/init@v4",
with: { with: {
languages: "javascript", languages: "javascript",
}, },
}, },
{ {
name: "Perform CodeQL Analysis", name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3", uses: "github/codeql-action/analyze@v4",
with: { with: {
category: "my-category", category: "my-category",
}, },
@@ -192,14 +192,14 @@ for (const { uploadInput, shouldUpload } of UPLOAD_INPUT_TEST_CASES) {
}, },
{ {
name: "Initialize CodeQL", name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3", uses: "github/codeql-action/init@v4",
with: { with: {
languages: "javascript", languages: "javascript",
}, },
}, },
{ {
name: "Perform CodeQL Analysis", name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3", uses: "github/codeql-action/analyze@v4",
with: { with: {
category: "my-category", category: "my-category",
upload: uploadInput, upload: uploadInput,
@@ -227,14 +227,14 @@ test("uploading failed SARIF run succeeds when workflow uses an input with a mat
}, },
{ {
name: "Initialize CodeQL", name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3", uses: "github/codeql-action/init@v4",
with: { with: {
languages: "javascript", languages: "javascript",
}, },
}, },
{ {
name: "Perform CodeQL Analysis", name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3", uses: "github/codeql-action/analyze@v4",
with: { with: {
category: "/language:${{ matrix.language }}", category: "/language:${{ matrix.language }}",
}, },
@@ -254,14 +254,14 @@ test("uploading failed SARIF run fails when workflow uses a complex upload input
}, },
{ {
name: "Initialize CodeQL", name: "Initialize CodeQL",
uses: "github/codeql-action/init@v3", uses: "github/codeql-action/init@v4",
with: { with: {
languages: "javascript", languages: "javascript",
}, },
}, },
{ {
name: "Perform CodeQL Analysis", name: "Perform CodeQL Analysis",
uses: "github/codeql-action/analyze@v3", uses: "github/codeql-action/analyze@v4",
with: { with: {
upload: "${{ matrix.language != 'csharp' }}", upload: "${{ matrix.language != 'csharp' }}",
}, },


@@ -395,9 +395,9 @@ async function testLanguageAliases(
}, },
}, },
steps: [ steps: [
{ uses: "actions/checkout@v3" }, { uses: "actions/checkout@v4" },
{ uses: "github/codeql-action/init@v3" }, { uses: "github/codeql-action/init@v4" },
{ uses: "github/codeql-action/analyze@v3" }, { uses: "github/codeql-action/analyze@v4" },
], ],
}, },
}, },
@@ -666,7 +666,7 @@ test("getWorkflowErrors() should report a warning if different versions of the C
analyze: analyze:
steps: steps:
- uses: github/codeql-action/init@v2 - uses: github/codeql-action/init@v2
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
`) as Workflow, `) as Workflow,
await getCodeQLForTesting(), await getCodeQLForTesting(),
); );
@@ -686,8 +686,8 @@ test("getWorkflowErrors() should not report a warning if the same versions of th
jobs: jobs:
analyze: analyze:
steps: steps:
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
`) as Workflow, `) as Workflow,
await getCodeQLForTesting(), await getCodeQLForTesting(),
); );
@@ -706,7 +706,7 @@ test("getWorkflowErrors() should not report a warning involving versions of othe
analyze: analyze:
steps: steps:
- uses: actions/checkout@v5 - uses: actions/checkout@v5
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
`) as Workflow, `) as Workflow,
await getCodeQLForTesting(), await getCodeQLForTesting(),
); );
@@ -723,9 +723,9 @@ test("getCategoryInputOrThrow returns category for simple workflow with category
analysis: analysis:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: some-category category: some-category
`) as Workflow, `) as Workflow,
@@ -745,9 +745,9 @@ test("getCategoryInputOrThrow returns undefined for simple workflow without cate
analysis: analysis:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
`) as Workflow, `) as Workflow,
"analysis", "analysis",
{}, {},
@@ -765,19 +765,19 @@ test("getCategoryInputOrThrow returns category for workflow with multiple jobs",
foo: foo:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- runs: ./build foo - runs: ./build foo
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: foo-category category: foo-category
bar: bar:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- runs: ./build bar - runs: ./build bar
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: bar-category category: bar-category
`) as Workflow, `) as Workflow,
@@ -800,11 +800,11 @@ test("getCategoryInputOrThrow finds category for workflow with language matrix",
matrix: matrix:
language: [javascript, python] language: [javascript, python]
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
with: with:
language: \${{ matrix.language }} language: \${{ matrix.language }}
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: "/language:\${{ matrix.language }}" category: "/language:\${{ matrix.language }}"
`) as Workflow, `) as Workflow,
@@ -824,9 +824,9 @@ test("getCategoryInputOrThrow throws error for workflow with dynamic category",
jobs: jobs:
analysis: analysis:
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: "\${{ github.workflow }}" category: "\${{ github.workflow }}"
`) as Workflow, `) as Workflow,
@@ -851,12 +851,12 @@ test("getCategoryInputOrThrow throws error for workflow with multiple calls to a
analysis: analysis:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: github/codeql-action/init@v3 - uses: github/codeql-action/init@v4
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: some-category category: some-category
- uses: github/codeql-action/analyze@v3 - uses: github/codeql-action/analyze@v4
with: with:
category: another-category category: another-category
`) as Workflow, `) as Workflow,
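Review bot: The `actions/checkout@v3` to `actions/checkout@v4` edits in these fixtures are outside the commit's stated scope of a codeql-action v4 and look like a blanket `@v3` to `@v4` replace (inferred). They appear first in the `testLanguageAliases` steps array and then in every `getCategoryInputOrThrow` workflow string. Restore `actions/checkout@v3` so the diff touches only `github/codeql-action/*` refs, or note in the commit message that the checkout fixtures were bumped on purpose. The mixed-version case still pairs `init@v2` with `analyze@v4`, so it keeps exercising the mismatch warning. The test bodies begin and end outside the hunks shown.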


@@ -26,6 +26,6 @@ outputs:
proxy_urls: proxy_urls:
description: A stringified JSON array of objects containing the types and URLs of the configured registries. description: A stringified JSON array of objects containing the types and URLs of the configured registries.
runs: runs:
using: node20 using: node24
main: "../lib/start-proxy-action.js" main: "../lib/start-proxy-action.js"
post: "../lib/start-proxy-action-post.js" post: "../lib/start-proxy-action-post.js"


@@ -41,6 +41,6 @@ outputs:
{ "code-scanning": "some-id", "code-quality": "some-other-id" } { "code-scanning": "some-id", "code-quality": "some-other-id" }
runs: runs:
using: node20 using: node24
main: '../lib/upload-sarif-action.js' main: '../lib/upload-sarif-action.js'
post: '../lib/upload-sarif-action-post.js' post: '../lib/upload-sarif-action-post.js'